forking-renovate[bot]
commented
2 weeks ago ℹ Artifact update notice
File name: vulnfeeds/go.mod
In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):
- 20 additional dependencies were updated
| Details: | Package | Change |
|---|---|---|
cloud.google.com/go |
v0.110.8 -> v0.113.0 |
|
cloud.google.com/go/compute/metadata |
v0.2.3 -> v0.3.0 |
|
cloud.google.com/go/iam |
v1.1.3 -> v1.1.8 |
|
cloud.google.com/go/longrunning |
v0.5.2 -> v0.5.7 |
|
github.com/ProtonMail/go-crypto |
v0.0.0-20230923063757-afb1ddc0824c -> v1.0.0 |
|
github.com/golang/protobuf |
v1.5.3 -> v1.5.4 |
|
github.com/googleapis/gax-go/v2 |
v2.12.0 -> v2.12.4 |
|
github.com/package-url/packageurl-go |
v0.1.2 -> v0.1.3 |
|
github.com/sergi/go-diff |
v1.3.1 -> v1.3.2-0.20230802210424-5b0b94c5c0d3 |
|
github.com/skeema/knownhosts |
v1.2.1 -> v1.2.2 |
|
golang.org/x/crypto |
v0.21.0 -> v0.24.0 |
|
golang.org/x/mod |
v0.14.0 -> v0.18.0 |
|
golang.org/x/net |
v0.23.0 -> v0.26.0 |
|
golang.org/x/oauth2 |
v0.13.0 -> v0.20.0 |
|
golang.org/x/sync |
v0.5.0 -> v0.7.0 |
|
golang.org/x/sys |
v0.18.0 -> v0.21.0 |
|
golang.org/x/text |
v0.14.0 -> v0.16.0 |
|
golang.org/x/tools |
v0.16.0 -> v0.22.0 |
|
golang.org/x/xerrors |
v0.0.0-20220907171357-04be3eba64a2 -> v0.0.0-20231012003039-104605ab7028 |
|
google.golang.org/api |
v0.149.0 -> v0.180.0 |
This PR contains the following updates:
v1.8.1->v1.10.0v1.11.4->v1.13.1v0.14.1->v0.16.0v5.11.0->v5.12.0v1.4.3->v1.7.49d8429e->9bdd5696522937->fc45aab🔧 This Pull Request updates lock files to use the latest dependency versions.
Release Notes
atombender/go-jsonschema (github.com/atombender/go-jsonschema)
### [`v0.16.0`](https://togithub.com/omissis/go-jsonschema/releases/tag/v0.16.0) [Compare Source](https://togithub.com/atombender/go-jsonschema/compare/v0.15.0...v0.16.0) This release introduces several new improvements: - Improve support for non-case-sensitive languages - Make generated go more stable, and solve annoying big diffs - Fix generated code for non-nullable types with two options - Removes nil check for `required` properties - Add support for additionalProperties when other fields exist #### What's Changed - Enhance splitIdentifierByCaseAndSeparators to support non-case-sensitive languages by [@zrma](https://togithub.com/zrma) in [https://github.com/omissis/go-jsonschema/pull/170](https://togithub.com/omissis/go-jsonschema/pull/170) - Stable output: Add some more names to anonymous Method classes by [@RobQuistNL](https://togithub.com/RobQuistNL) in [https://github.com/omissis/go-jsonschema/pull/169](https://togithub.com/omissis/go-jsonschema/pull/169) - Fix non-nullable type with two options by [@jagregory](https://togithub.com/jagregory) in [https://github.com/omissis/go-jsonschema/pull/205](https://togithub.com/omissis/go-jsonschema/pull/205) - Removes nil check for `required` properties by [@Henkoglobin](https://togithub.com/Henkoglobin) in [https://github.com/omissis/go-jsonschema/pull/215](https://togithub.com/omissis/go-jsonschema/pull/215) - Add support for additionalProperties when other fields exist by [@codeboten](https://togithub.com/codeboten) and [@omissis](https://togithub.com/omissis) in [https://github.com/omissis/go-jsonschema/pull/218](https://togithub.com/omissis/go-jsonschema/pull/218) - Update go and all deps by [@omissis](https://togithub.com/omissis) in [https://github.com/omissis/go-jsonschema/pull/217](https://togithub.com/omissis/go-jsonschema/pull/217) - Several [@renovate](https://togithub.com/renovate) PRs - fix(deps): update golang.org/x/exp digest to [`1b97071`](https://togithub.com/atombender/go-jsonschema/commit/1b97071) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/190](https://togithub.com/omissis/go-jsonschema/pull/190) - fix(deps): update module github.com/goccy/go-yaml to v1.11.3 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/191](https://togithub.com/omissis/go-jsonschema/pull/191) - fix(deps): update golang.org/x/exp digest to [`2c58cdc`](https://togithub.com/atombender/go-jsonschema/commit/2c58cdc) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/193](https://togithub.com/omissis/go-jsonschema/pull/193) - chore(deps): update golang docker tag to v1.22.0 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/195](https://togithub.com/omissis/go-jsonschema/pull/195) - chore(deps): update dependency golangci-lint to v1.56.0 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/196](https://togithub.com/omissis/go-jsonschema/pull/196) - chore(deps): update dependency golangci-lint to v1.56.1 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/197](https://togithub.com/omissis/go-jsonschema/pull/197) - chore(deps): update dependency shfmt to v3.8.0 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/198](https://togithub.com/omissis/go-jsonschema/pull/198) - fix(deps): update golang.org/x/exp digest to [`ec58324`](https://togithub.com/atombender/go-jsonschema/commit/ec58324) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/199](https://togithub.com/omissis/go-jsonschema/pull/199) - chore(deps): update dependency golangci-lint to v1.56.2 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/200](https://togithub.com/omissis/go-jsonschema/pull/200) - fix(deps): update golang.org/x/exp digest to [`814bf88`](https://togithub.com/atombender/go-jsonschema/commit/814bf88) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/201](https://togithub.com/omissis/go-jsonschema/pull/201) - chore(deps): update golang docker tag to v1.22.1 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/202](https://togithub.com/omissis/go-jsonschema/pull/202) - chore(deps): update dependency shellcheck to v0.10.0 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/203](https://togithub.com/omissis/go-jsonschema/pull/203) - chore(deps): update codecov/codecov-action action to v4 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/192](https://togithub.com/omissis/go-jsonschema/pull/192) - fix(deps): update golang.org/x/exp digest to [`c7f7c64`](https://togithub.com/atombender/go-jsonschema/commit/c7f7c64) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/206](https://togithub.com/omissis/go-jsonschema/pull/206) - fix(deps): update golang.org/x/exp digest to [`a85f2c6`](https://togithub.com/atombender/go-jsonschema/commit/a85f2c6) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/207](https://togithub.com/omissis/go-jsonschema/pull/207) - chore(deps): update dependency golangci-lint to v1.57.0 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/208](https://togithub.com/omissis/go-jsonschema/pull/208) - chore(deps): update dependency golangci-lint to v1.57.1 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/209](https://togithub.com/omissis/go-jsonschema/pull/209) - fix(deps): update golang.org/x/exp digest to [`a685a6e`](https://togithub.com/atombender/go-jsonschema/commit/a685a6e) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/210](https://togithub.com/omissis/go-jsonschema/pull/210) - chore(deps): update dependency golangci-lint to v1.57.2 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/211](https://togithub.com/omissis/go-jsonschema/pull/211) - chore(deps): update golang docker tag to v1.22.2 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/212](https://togithub.com/omissis/go-jsonschema/pull/212) - fix(deps): update golang.org/x/exp digest to [`c0f41cb`](https://togithub.com/atombender/go-jsonschema/commit/c0f41cb) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/213](https://togithub.com/omissis/go-jsonschema/pull/213) - fix(deps): update golang.org/x/exp digest to [`93d18d7`](https://togithub.com/atombender/go-jsonschema/commit/93d18d7) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/214](https://togithub.com/omissis/go-jsonschema/pull/214) - fix(deps): update golang.org/x/exp digest to [`fe59bbe`](https://togithub.com/atombender/go-jsonschema/commit/fe59bbe) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/216](https://togithub.com/omissis/go-jsonschema/pull/216) #### New Contributors - [@zrma](https://togithub.com/zrma) made their first contribution in [https://github.com/omissis/go-jsonschema/pull/170](https://togithub.com/omissis/go-jsonschema/pull/170) - [@RobQuistNL](https://togithub.com/RobQuistNL) made their first contribution in [https://github.com/omissis/go-jsonschema/pull/169](https://togithub.com/omissis/go-jsonschema/pull/169) - [@jagregory](https://togithub.com/jagregory) made their first contribution in [https://github.com/omissis/go-jsonschema/pull/205](https://togithub.com/omissis/go-jsonschema/pull/205) - [@Henkoglobin](https://togithub.com/Henkoglobin) made their first contribution in [https://github.com/omissis/go-jsonschema/pull/215](https://togithub.com/omissis/go-jsonschema/pull/215) - [@codeboten](https://togithub.com/codeboten) made their first contribution in [https://github.com/omissis/go-jsonschema/pull/218](https://togithub.com/omissis/go-jsonschema/pull/218) (replaces [https://github.com/omissis/go-jsonschema/pull/189](https://togithub.com/omissis/go-jsonschema/pull/189)) **Full Changelog**: https://github.com/omissis/go-jsonschema/compare/v0.15.0...v0.16.0 ### [`v0.15.0`](https://togithub.com/omissis/go-jsonschema/releases/tag/v0.15.0) [Compare Source](https://togithub.com/atombender/go-jsonschema/compare/v0.14.1...v0.15.0) This release introduces one new feature and a fix: - support for `file://` schema in references - support for yaml file references #### What's Changed - feat: add support for "file://" schema in $refs by [@omissis](https://togithub.com/omissis) in [https://github.com/omissis/go-jsonschema/pull/147](https://togithub.com/omissis/go-jsonschema/pull/147) - fix: support for yaml file references by [@johanneswuerbach](https://togithub.com/johanneswuerbach) in [https://github.com/omissis/go-jsonschema/pull/179](https://togithub.com/omissis/go-jsonschema/pull/179) - chore: split generate.go file by [@AlbertoBarba](https://togithub.com/AlbertoBarba) in [https://github.com/omissis/go-jsonschema/pull/153](https://togithub.com/omissis/go-jsonschema/pull/153) - chore(deps): update dependency golangci-lint to v1.55.2 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/162](https://togithub.com/omissis/go-jsonschema/pull/162) - chore(deps): update golang docker tag to v1.21.4 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/165](https://togithub.com/omissis/go-jsonschema/pull/165) - chore(deps): update golang docker tag to v1.21.5 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/174](https://togithub.com/omissis/go-jsonschema/pull/174) - chore(deps): update actions/setup-go action to v5 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/175](https://togithub.com/omissis/go-jsonschema/pull/175) - chore(deps): update golang docker tag to v1.21.6 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/184](https://togithub.com/omissis/go-jsonschema/pull/184) - fix(deps): update module github.com/spf13/cobra to v1.8.0 by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/163](https://togithub.com/omissis/go-jsonschema/pull/163) - fix(deps): update golang.org/x/exp digest to [`2478ac8`](https://togithub.com/atombender/go-jsonschema/commit/2478ac8) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/166](https://togithub.com/omissis/go-jsonschema/pull/166) - fix(deps): update golang.org/x/exp digest to [`9a3e603`](https://togithub.com/atombender/go-jsonschema/commit/9a3e603) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/168](https://togithub.com/omissis/go-jsonschema/pull/168) - fix(deps): update golang.org/x/exp digest to [`6522937`](https://togithub.com/atombender/go-jsonschema/commit/6522937) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/172](https://togithub.com/omissis/go-jsonschema/pull/172) - fix(deps): update golang.org/x/exp digest to [`f3f8817`](https://togithub.com/atombender/go-jsonschema/commit/f3f8817) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/176](https://togithub.com/omissis/go-jsonschema/pull/176) - fix(deps): update golang.org/x/exp digest to [`aacd6d4`](https://togithub.com/atombender/go-jsonschema/commit/aacd6d4) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/178](https://togithub.com/omissis/go-jsonschema/pull/178) - fix(deps): update golang.org/x/exp digest to [`dc181d7`](https://togithub.com/atombender/go-jsonschema/commit/dc181d7) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/180](https://togithub.com/omissis/go-jsonschema/pull/180) - fix(deps): update golang.org/x/exp digest to [`02704c9`](https://togithub.com/atombender/go-jsonschema/commit/02704c9) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/181](https://togithub.com/omissis/go-jsonschema/pull/181) - fix(deps): update golang.org/x/exp digest to [`be819d1`](https://togithub.com/atombender/go-jsonschema/commit/be819d1) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/182](https://togithub.com/omissis/go-jsonschema/pull/182) - fix(deps): update golang.org/x/exp digest to [`0dcbfd6`](https://togithub.com/atombender/go-jsonschema/commit/0dcbfd6) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/185](https://togithub.com/omissis/go-jsonschema/pull/185) - fix(deps): update golang.org/x/exp digest to [`db7319d`](https://togithub.com/atombender/go-jsonschema/commit/db7319d) by [@renovate](https://togithub.com/renovate) in [https://github.com/omissis/go-jsonschema/pull/186](https://togithub.com/omissis/go-jsonschema/pull/186) #### New Contributors - [@johanneswuerbach](https://togithub.com/johanneswuerbach) made their first contribution in [https://github.com/omissis/go-jsonschema/pull/179](https://togithub.com/omissis/go-jsonschema/pull/179) **Full Changelog**: https://github.com/omissis/go-jsonschema/compare/v0.14.1...v0.15.0go-git/go-git (github.com/go-git/go-git/v5)
### [`v5.12.0`](https://togithub.com/go-git/go-git/releases/tag/v5.12.0) [Compare Source](https://togithub.com/go-git/go-git/compare/v5.11.0...v5.12.0) #### What's Changed - git: Worktree.AddWithOptions: add skipStatus option when providing a specific path by [@moranCohen26](https://togithub.com/moranCohen26) in [https://github.com/go-git/go-git/pull/994](https://togithub.com/go-git/go-git/pull/994) - git: Signer: fix usage of crypto.Signer interface by [@wlynch](https://togithub.com/wlynch) in [https://github.com/go-git/go-git/pull/1029](https://togithub.com/go-git/go-git/pull/1029) - git: Remote, fetch, adds the prune option. by [@juliens](https://togithub.com/juliens) in [https://github.com/go-git/go-git/pull/366](https://togithub.com/go-git/go-git/pull/366) - git: Add crypto.Signer option to CommitOptions. by [@wlynch](https://togithub.com/wlynch) in [https://github.com/go-git/go-git/pull/996](https://togithub.com/go-git/go-git/pull/996) - git: Worktree checkout tag hash id ([#959](https://togithub.com/go-git/go-git/issues/959)) by [@aymanbagabas](https://togithub.com/aymanbagabas) in [https://github.com/go-git/go-git/pull/966](https://togithub.com/go-git/go-git/pull/966) - git: Worktree, Don't panic on empty or root path when checking if it is valid by [@tim775](https://togithub.com/tim775) in [https://github.com/go-git/go-git/pull/1042](https://togithub.com/go-git/go-git/pull/1042) - git: Add commit validation for Reset by [@pjbgf](https://togithub.com/pjbgf) in [https://github.com/go-git/go-git/pull/1048](https://togithub.com/go-git/go-git/pull/1048) - git: worktree_commit, Fix amend commit to apply changes. Fixes [#1024](https://togithub.com/go-git/go-git/issues/1024) by [@onee-only](https://togithub.com/onee-only) in [https://github.com/go-git/go-git/pull/1045](https://togithub.com/go-git/go-git/pull/1045) - git: Implement Merge function with initial `FastForwardMerge` support by [@pjbgf](https://togithub.com/pjbgf) in [https://github.com/go-git/go-git/pull/1044](https://togithub.com/go-git/go-git/pull/1044) - plumbing: object, Make first commit visible on logs filtered with filename. Fixes [#191](https://togithub.com/go-git/go-git/issues/191) by [@onee-only](https://togithub.com/onee-only) in [https://github.com/go-git/go-git/pull/1036](https://togithub.com/go-git/go-git/pull/1036) - plumbing: no panic in printStats function. Fixes [#177](https://togithub.com/go-git/go-git/issues/177) by [@nodivbyzero](https://togithub.com/nodivbyzero) in [https://github.com/go-git/go-git/pull/971](https://togithub.com/go-git/go-git/pull/971) - plumbing: object, Optimize logging with file. by [@onee-only](https://togithub.com/onee-only) in [https://github.com/go-git/go-git/pull/1046](https://togithub.com/go-git/go-git/pull/1046) - plumbing: object, check legitimacy in (\*Tree).Encode by [@niukuo](https://togithub.com/niukuo) in [https://github.com/go-git/go-git/pull/967](https://togithub.com/go-git/go-git/pull/967) - plumbing: format/gitattributes, close file in ReadAttributesFile by [@prskr](https://togithub.com/prskr) in [https://github.com/go-git/go-git/pull/1018](https://togithub.com/go-git/go-git/pull/1018) - plumbing: check setAuth error. Fixes [#185](https://togithub.com/go-git/go-git/issues/185) by [@nodivbyzero](https://togithub.com/nodivbyzero) in [https://github.com/go-git/go-git/pull/969](https://togithub.com/go-git/go-git/pull/969) - plumbing: object, fix variable defaultUtf8CommitMessageEncoding name spell error by [@Jerry-yz](https://togithub.com/Jerry-yz) in [https://github.com/go-git/go-git/pull/987](https://togithub.com/go-git/go-git/pull/987) - utils: merkletrie, calculate filesystem node's hash lazily. by [@candid82](https://togithub.com/candid82) in [https://github.com/go-git/go-git/pull/825](https://togithub.com/go-git/go-git/pull/825) - utils: update comment in node.go's Hash() by [@codablock](https://togithub.com/codablock) in [https://github.com/go-git/go-git/pull/992](https://togithub.com/go-git/go-git/pull/992) - \_example: fix 404 link and added ssh-agent clone link by [@grinish21](https://togithub.com/grinish21) in [https://github.com/go-git/go-git/pull/1022](https://togithub.com/go-git/go-git/pull/1022) - \_example: checkout-branch example by [@dlambda](https://togithub.com/dlambda) in [https://github.com/go-git/go-git/pull/446](https://togithub.com/go-git/go-git/pull/446) - \_example: example for git clone using ssh-agent by [@pjbgf](https://togithub.com/pjbgf) in [https://github.com/go-git/go-git/pull/998](https://togithub.com/go-git/go-git/pull/998) #### New Contributors - [@candid82](https://togithub.com/candid82) made their first contribution in [https://github.com/go-git/go-git/pull/825](https://togithub.com/go-git/go-git/pull/825) - [@codablock](https://togithub.com/codablock) made their first contribution in [https://github.com/go-git/go-git/pull/992](https://togithub.com/go-git/go-git/pull/992) - [@Jerry-yz](https://togithub.com/Jerry-yz) made their first contribution in [https://github.com/go-git/go-git/pull/987](https://togithub.com/go-git/go-git/pull/987) - [@wlynch](https://togithub.com/wlynch) made their first contribution in [https://github.com/go-git/go-git/pull/996](https://togithub.com/go-git/go-git/pull/996) - [@moranCohen26](https://togithub.com/moranCohen26) made their first contribution in [https://github.com/go-git/go-git/pull/994](https://togithub.com/go-git/go-git/pull/994) - [@grinish21](https://togithub.com/grinish21) made their first contribution in [https://github.com/go-git/go-git/pull/1022](https://togithub.com/go-git/go-git/pull/1022) - [@prskr](https://togithub.com/prskr) made their first contribution in [https://github.com/go-git/go-git/pull/1018](https://togithub.com/go-git/go-git/pull/1018) - [@dlambda](https://togithub.com/dlambda) made their first contribution in [https://github.com/go-git/go-git/pull/446](https://togithub.com/go-git/go-git/pull/446) - [@juliens](https://togithub.com/juliens) made their first contribution in [https://github.com/go-git/go-git/pull/366](https://togithub.com/go-git/go-git/pull/366) - [@onee-only](https://togithub.com/onee-only) made their first contribution in [https://github.com/go-git/go-git/pull/1036](https://togithub.com/go-git/go-git/pull/1036) - [@tim775](https://togithub.com/tim775) made their first contribution in [https://github.com/go-git/go-git/pull/1042](https://togithub.com/go-git/go-git/pull/1042) - [@niukuo](https://togithub.com/niukuo) made their first contribution in [https://github.com/go-git/go-git/pull/967](https://togithub.com/go-git/go-git/pull/967) - [@avoidalone](https://togithub.com/avoidalone) made their first contribution in [https://github.com/go-git/go-git/pull/1047](https://togithub.com/go-git/go-git/pull/1047) **Full Changelog**: https://github.com/go-git/go-git/compare/v5.11.0...v5.12.0google/osv-scanner (github.com/google/osv-scanner)
### [`v1.7.4`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v174) [Compare Source](https://togithub.com/google/osv-scanner/compare/v1.7.3...v1.7.4) ##### Features: - [Feature #943](https://togithub.com/google/osv-scanner/pull/943) Support scanning gradle/verification-metadata.xml files. ##### Misc: - [Bug #968](https://togithub.com/google/osv-scanner/issues/968) Hide unimportant Debian vulnerabilities to reduce noise. ### [`v1.7.3`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v173) [Compare Source](https://togithub.com/google/osv-scanner/compare/v1.7.2...v1.7.3) ##### Features: - [Feature #934](https://togithub.com/google/osv-scanner/pull/934) add support for PNPM v9 lockfiles. ##### Fixes: - [Bug #938](https://togithub.com/google/osv-scanner/issues/938) Ensure the sarif output has a stable order. - [Bug #922](https://togithub.com/google/osv-scanner/issues/922) Support filtering on alias IDs in Guided Remediation. ### [`v1.7.2`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v172) [Compare Source](https://togithub.com/google/osv-scanner/compare/v1.7.1...v1.7.2) ##### Fixes: - [Bug #899](https://togithub.com/google/osv-scanner/issues/899) Guided Remediation: Parse paths in npmrc auth fields correctly. - [Bug #908](https://togithub.com/google/osv-scanner/issues/908) Fix rust call analysis by explicitly disabling stripping of debug info. - [Bug #914](https://togithub.com/google/osv-scanner/issues/914) Fix regression for go call analysis introduced in 1.7.0. ### [`v1.7.1`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v171) [Compare Source](https://togithub.com/google/osv-scanner/compare/v1.7.0...v1.7.1) (There is no Github release for this version) ##### Fixes - [Bug #856](https://togithub.com/google/osv-scanner/issues/856) Add retry logic to make calls to OSV.dev API more resilient. This combined with changes in OSV.dev's API should result in much less timeout errors. ##### API Features - [Feature #781](https://togithub.com/google/osv-scanner/pull/781) add `MakeVersionRequestsWithContext()` - [Feature #857](https://togithub.com/google/osv-scanner/pull/857) API and networking related errors now has their own error and exit code (Exit Code 129) ### [`v1.7.0`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v170) [Compare Source](https://togithub.com/google/osv-scanner/compare/v1.6.2...v1.7.0) ##### Features - [Feature #352](https://togithub.com/google/osv-scanner/issues/352) Guided Remediation Introducing our new experimental guided remediation feature on `osv-scanner fix` subcommand. See our [docs](https://google.github.io/osv-scanner/experimental/guided-remediation/) for detailed usage instructions. - [Feature #805](https://togithub.com/google/osv-scanner/pull/805) Include CVSS MaxSeverity in JSON output. ##### Fixes - [Bug #818](https://togithub.com/google/osv-scanner/pull/818) Align GoVulncheck Go version with go.mod. - [Bug #797](https://togithub.com/google/osv-scanner/pull/797) Don't traverse gitignored dirs for gitignore files. ##### Miscellaneous - [#831](https://togithub.com/google/osv-scanner/pull/831) Remove version number from the release binary name. ### [`v1.6.2`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v162) [Compare Source](https://togithub.com/google/osv-scanner/compare/v1.6.1...v1.6.2) ##### Features - [Feature #694](https://togithub.com/google/osv-scanner/pull/694) Add subcommands! OSV-Scanner now has subcommands! The base command has been moved to `scan` (currently the only commands is `scan`). By default if you do not pass in a command, `scan` will be used, so CLI remains backwards compatible. This is a building block to adding the guided remediation feature. See [issue #352](https://togithub.com/google/osv-scanner/issues/352) for more details! - [Feature #776](https://togithub.com/google/osv-scanner/pull/776) Add pdm lockfile support. ##### API Features - [Feature #754](https://togithub.com/google/osv-scanner/pull/754) Add dependency groups to flattened vulnerabilities output. ### [`v1.6.1`](https://togithub.com/google/osv-scanner/releases/tag/v1.6.1) [Compare Source](https://togithub.com/google/osv-scanner/compare/v1.6.0...v1.6.1) ### v1.6.0/v1.6.1: ##### Features - [Feature #694](https://togithub.com/google/osv-scanner/pull/694) Add support for NuGet lock files version 2. - [Feature #655](https://togithub.com/google/osv-scanner/pull/655) Scan and report dependency groups (e.g. "dev dependencies") for vulnerabilities. - [Feature #702](https://togithub.com/google/osv-scanner/pull/702) Created an option to skip/disable upload to code scanning. - [Feature #732](https://togithub.com/google/osv-scanner/pull/732) Add option to not fail on vulnerability being found for GitHub Actions. - [Feature #729](https://togithub.com/google/osv-scanner/pull/729) Verify the spdx licenses passed in to the license allowlist. ##### Fixes - [Bug #736](https://togithub.com/google/osv-scanner/pull/736) Show ecosystem and version even if git is shown if the info exists. - [Bug #703](https://togithub.com/google/osv-scanner/pull/703) Return an error if both license scanning and local/offline scanning is enabled simultaneously. - [Bug #718](https://togithub.com/google/osv-scanner/pull/718) Fixed parsing of SBOMs generated by the latest CycloneDX. - [Bug #704](https://togithub.com/google/osv-scanner/pull/704) Get go stdlib version from go.mod. ##### API Features - [Feature #727](https://togithub.com/google/osv-scanner/pull/727) Changes to `Reporter` methods to add verbosity levels and to deprecate functions. #### New Contributors - [@geekNero](https://togithub.com/geekNero) made their first contribution in [https://github.com/google/osv-scanner/pull/718](https://togithub.com/google/osv-scanner/pull/718) **Full Changelog**: https://github.com/google/osv-scanner/compare/v1.5.0...v1.6.0-alpha3 ### [`v1.6.0`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v160) [Compare Source](https://togithub.com/google/osv-scanner/compare/v1.5.0...v1.6.0) ##### Features - [Feature #694](https://togithub.com/google/osv-scanner/pull/694) Add support for NuGet lock files version 2. - [Feature #655](https://togithub.com/google/osv-scanner/pull/655) Scan and report dependency groups (e.g. "dev dependencies") for vulnerabilities. - [Feature #702](https://togithub.com/google/osv-scanner/pull/702) Created an option to skip/disable upload to code scanning. - [Feature #732](https://togithub.com/google/osv-scanner/pull/732) Add option to not fail on vulnerability being found for GitHub Actions. - [Feature #729](https://togithub.com/google/osv-scanner/pull/729) Verify the spdx licenses passed in to the license allowlist. ##### Fixes - [Bug #736](https://togithub.com/google/osv-scanner/pull/736) Show ecosystem and version even if git is shown if the info exists. - [Bug #703](https://togithub.com/google/osv-scanner/pull/703) Return an error if both license scanning and local/offline scanning is enabled simultaneously. - [Bug #718](https://togithub.com/google/osv-scanner/pull/718) Fixed parsing of SBOMs generated by the latest CycloneDX. - [Bug #704](https://togithub.com/google/osv-scanner/pull/704) Get go stdlib version from go.mod. ##### API Features - [Feature #727](https://togithub.com/google/osv-scanner/pull/727) Changes to `Reporter` methods to add verbosity levels and to deprecate functions. ### [`v1.5.0`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v150) [Compare Source](https://togithub.com/google/osv-scanner/compare/v1.4.3...v1.5.0) ##### Features - [Feature #501](https://togithub.com/google/osv-scanner/pull/501) Add experimental license scanning support! See https://osv.dev/blog/posts/introducing-license-scanning-with-osv-scanner/ for more information! - [Feature #642](https://togithub.com/google/osv-scanner/pull/642) Support scanning `renv` files for the R language ecosystem. - [Feature #513](https://togithub.com/google/osv-scanner/pull/513) Stabilize call analysis for Go! The experimental `--experimental-call-analysis` flag has now been updated to: --call-analysis=Configuration
📅 Schedule: Branch creation - "before 6am on wednesday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.